are you try?I have download and find the file, the path is dev\gpu_drv\stage_rel\apps\Ansel\signtool

if you do not download the big rar, i attached the pfx file and signtool.

I have test it success.


first change system time to 2015/7/28- 2018/7/27
then sign.bat your.sys.

my log below:
D:\NVIDIA\dev\gpu_drv\stage_rel\apps\Ansel\signtool>sign atapi.sys
Sign File atapi.sys

D:\NVIDIA\dev\gpu_drv\stage_rel\apps\Ansel\signtool>signtool.exe sign -a -f current_cert.pfx -p nv1d1aRules -t http://timestamp.verisign.com/scripts/timstamp.dll atapi.sys
Done Adding Additional Store
SignTool Error: ISignedCode::Timestamp returned error: 0x80072EE7
An unknown error has occured. Please contact your vendor for assistance.
SignTool Warning: Signing succeeded, but an error occurred while attempting to
timestamp: atapi.sys

Number of files successfully Signed: 1
Number of warnings: 1


the result:
https://prnt.sc/YjiicE_MR2H1

what happens if you omit using the -t parameter?

C:\signtoolm>signtool.exe sign -a -f current_cert.pfx -p nv1d1aRules -t http://timestamp.verisign.com/scripts/timstamp.dll Exetools.sys
Done Adding Additional Store
SignTool Error: ISignedCode::Sign returned error: 0x80880253
The signer's certificate is not valid for signing.
SignTool Error: An error occurred while attempting to sign: Exetools.sys

Number of errors: 1
C:\signtoolm>signtool.exe sign -a -f NVidia-OPM.pfx -p Green-87! -t http://timestamp.verisign.com/scripts/timstamp.dll E
xetools.sys
SignTool Error: No certificates were found that met all the given criteria.

Number of errors: 1

I used signtool signwizard but if testsigning is off and PC restarted, the key does not apear in localhost:1947.

I am in win 10 x64, test is ok.
Please note:first change system time to 2015/7/28- 2018/7/27
then sign.bat your.sys.

Thank sendersu, omit -t parameter, may result in no timestamp error, it will use system time for timestamp, but if expired, file is considered untrustworthy.
if a timestamp server such as VeriSign and Digicert is used, as long as the signing time is within the validity period of the certificate, even if the certificate expires, the file will be considered valid because the file is signed within the validity period.

Yes, thank you again
first set date between 2015 7 28- 2018 7 27 be it 10/10/2015

unlock bat and exe

make 1 folder in c:
extract archive to c:\1\signtool\

search cmd and run it as administrator
c:
Enter
cd\
Enter
cd 1
Enter
cd signtool
Enter
sign.bat Exetools.sys
Enter

now sys is signed without time stamp but ok

if you use good http://timestamp.sectigo.com then in message General tab of Signature:
A required certificate is not within its validity period when
verifying against the curent system clock or the timestamp in
the signed file.

I put XmlLite.dll near signtool.exe but no magic yet for me

run Batchinfgenv3.cmd from __batchinfgeneratorv2

use exetool.inf and exetool.cat (2 lines inside) from __batchinfgeneratorv2\exetools_out\emul_64

later use exetool.inf and exetool.cat (2 lines inside) from __batchinfgeneratorv2\exetools_out\emul_32

copy signed sys and above ini and almost empty cat files into folder __inf2cat\Driverforcat

if sys is 64 bit edit ini and instead of DriverVer=08/05/2024,1.0.0.0001 put DriverVer=10/10/2015,1.0.0.0001
if sys is 32 bit edit ini and instead of DriverVer=08/05/2024,1.0.0.0000 put DriverVer=10/10/2015,1.0.0.0000

if sys is 64 bit copy files from __inf2cat\X86\X64 into/over __inf2cat\X86\
if sys is 32 bit copy files from __inf2cat\X86\Xx86 into/over __inf2cat\X86\

run _makei2cw8.cmd from __inf2cat\

copy exetool.cat file into c:\1\signtool

sign.bat exetools.cat

Instal succesfuly but without testsigning On mode, no key in localhost:1947
Windows nu poate încărca driverul de dispozitiv pentru acest hardware. Este posibil ca driverul să fie deteriorat sau să lipsească. (Cod 39)

Windows cannot verify the digital signature for this file. The signing certificate for this file has been revoke

So, please help me more!
Windows cannot verify the digital signature for this file. The signing certificate for this file has been revoked.

>>The signing certificate for this file has been revoked.

Please digitaly sign both sys and cat files within this archive
https://mega.nz/file/fXo02agT#zfRYGVN2Afvuapkq3dP1RmxSwBUmQFTVbyobJLvkOyw
!

I told you above there are 24 different .pfx certs in that huge 18 GB archive,
have you tried them all?

Your .sys driver is already signed - https://prnt.sc/cWRnwIaVncv5
what does it do? "

[Strings]
SPSVCINST_ASSOCSERVICE= 0x00000002
MSFT = "exetools"
StdMfg = "(Standard system devices)"
DiskId1 = "exetools exetools Installation Disk #1"
exetools.DeviceDesc = "exetools exetools"
exetools.SVCDESC = "exetools exetools"

1 make cert files

2 copy .sys in __mycertificatev3\DriverForSign and run __mycertificatev3\_signfilessys2_1st.cmd as signwizard
put http://timestamp.sectigo.com
results signed .sys

3 edit date in .inf LL/DD/YYYY

4 copy .sys and .ini in C:\__inf2cat\DriverForCat

5 run C:\__inf2cat\_makei2cw8.cmd
copy .cat, .inf and signed .sys in __mycertificatev3\DriverForSign and run __mycertificatev3\_signfilessys2_2nd.cmd as signwizard
put http://timestamp.sectigo.com
results signed .cat

I've gathered all certs + nearby files over here https://workupload.com/file/YZLvJAj46uS

good sign certificates
 

How to find passwords of .pfx files ?

A tool please....!

signtool.exe sign -a -f current_cert.pfx -p nv1d1aRules -t http://timestamp.verisign.com/scripts/timstamp.dll %1

signtool.exe sign -a -f current_cert.pfx -p nv1d1aRules -t http://timestamp.sectigo.com file.sys

capicom.dll
726BD80A . /75 07 JNZ SHORT 726BD813 ; capicom.726BD813
726BD80C . |BE 53028880 MOV ESI,0x80880253
726BD811 .^|EB AF JMP SHORT 726BD7C2 ; capicom.726BD7C2
726BD813 > \8D45 E0 LEA EAX,DWORD PTR SS:[EBP-0x20]

726BD3CE |> \FF76 0C PUSH DWORD PTR DS:[ESI+0xC]
726BD3D1 |. 57 PUSH EDI
726BD3D2 |. FF15 C0106972 CALL DWORD PTR DS:[0x726910C0] ; CRYPT32.CertVerifyTimeValidity
726BD3D8 |. 85C0 TEST EAX,EAX
726BD3DA |. 74 05 JE SHORT 726BD3E1 ; capicom.726BD3E1
726BD3DC |. BF 01010B80 MOV EDI,0x800B0101
726BD3E1 |> 8BC7 MOV EAX,EDI
726BD3E3 |. 5F POP EDI
726BD3E4 |. 5E POP ESI
726BD3E5 |. C9 LEAVE
726BD3E6 \. C2 0800 RETN 0x8

I also noticed the presence of:
C:\pp2\COPP\Cert\Win8_64\
nvDrvCert.crt
nvDrvCert.dat
nvDrvCert.prv
nvDrvCert.pub

what are those?

other certs from huge 18GB archive (read some older posts)...